汽車資訊保安 加密要求

2021-10-04 01:14:57 字數 4601 閱讀 3646

two-key tdea加密

disallowed

two-key tdea解密

legacy use

three-key tdea加密

deprecated through 2023

disallowed after 2023

three-key tdea解密

legacy use

skipjack 加密

disallowed

skipjack解密

legacy use

aes-128

加解密

acceptable

aes-192

加解密

acceptable

aes-256

加解密

acceptable

數字簽名生成

< 112 bits of security strength:

dsa: (l, n)

≠ (2048, 224), (2048,256) or (3072, 256)

ecdsa: len(n) < 224

rsa: len(n) < 2048

disallowed

≥ 112 bits of security strength:

dsa: (l, n) = (2048, 224), (2048,256) or (3072, 256)

ecdsa or eddsa: len(n) ≥ 224

rsa: len(n) ≥ 2048

acceptable

數字簽名核驗

< 112 bits of security strength:

dsa: ((512

≤ l < 2048) or (160 ≤ n < 224))

ecdsa: 160 ≤ len(n) < 224

rsa: 1024 ≤ len(n) < 2048

legacy use

≥ 112 bits of security strength:

dsa: (l, n) = (2048, 224), (2048,256) or (3072, 256)

ecdsa and eddsa: len(n) ≥ 224

rsa: len(n) ≥ 2048

acceptable

hash_drbg and hmac_drbg

acceptable

ctr_drbg with three-key tdea

deprecated through 2023

disallowed after 2023

ctr_drbg with aes-128/192/256

acceptable

dual_ec_drbg

disallowed

rngs in fips 186-2,ans x9.31,ans x9.62-1998

disallowed

金鑰生成主流有兩種:dh和mqv(menezes-qu-vanstone),同時也有有限域和橢圓曲線的dh和mqv;

sp 800-56a dh and mqv

schemes using finite fields

< 112 bits of security strength:

(len(p), len(q)) = (1024, 160)

disallowed

≥ 112 bits of security strength:

using listed safe-prime groups

orfips 186-type domain parameters (112-bit security

strength only):

(len(p), len(q)) = (2048, 224) or (2048, 256)

acceptable

non-compliant dh and mqv schemes using finite fields

< 112 bits of security strength:

len(p) < 2048 or len(q) < 224

disallowed

non-conformance to sp 800-56a

disallowed after 2020

sp 800-56a dh and mqv

schemes using elliptic curves

< 112 bits of security strength:

len(n) < 224

disallowed

≥ 112 bits of security strength:

(using specified curves)

acceptable

non-compliant dh and mqv schemes using elliptic curves

< 112 bits of security strength:

len(n) < 224

disallowed

≥ 112 bits of security strength:

non-conformance to sp800-56a or ig a.2

disallowed after 2020

sp 800-56b key agreement and key transport schemes

len(

n) < 2048

disallowed

len(

n) ≥ 2048

acceptable

non-sp 800-56bcompliant key agreement and key transport schemes

len(

n) < 2048

disallowed

pkcs1-v1_5 padding

deprecated through 2023

disallowed after 2023

other non-compliance

with sp 800-56b

deprecated through 2020

disallowed after 2020

kdf type

algorithm

status

hmac-based kdf

hmac using any

hash function

acceptable

cmac-based kdf

cmac using two-key tdea

disallowed

cmac using three-key tdea

deprecated through 2023

disallowed after 2023

cmac using aes

acceptable

sha-1

digital signature generation

disallowed, except where

specifically allowed by nist protocol-specific guidance.

digital signature verification

legacy use

acceptable

sha-2(sha-224

、sha-256、sha-384、sha-512,sha-512/224,sha-512/256)

sha-3

(sha3-224、sha3-256、sha3-384、sha3-512)

tuplehash and

parallelhash

acceptable for the purpose specified in sp 800-185

key lengths < 112 bits

disallowed

key lengths ≥ 112 bits

acceptable

key lengths < 112 bits

legacy use

key lengths ≥ 112 bits

acceptable

two-key tdea

disallowed

three-key tdea

deprecated through 2023

disallowed after 2023

aes

acceptable

two-key tdea

legacy use

three-key tdea

legacy use

aes

acceptable

aes

acceptable

key lengths < 112 bits

disallowed

key lengths ≥ 112 bits

acceptable

智慧型網聯汽車資訊保安測試解決方案

概述 為滿足日益嚴格的國內外法規和標準要求,應對愈發嚴峻的資訊保安風險,智慧型網聯汽車通常整合越來越多的資訊保安檢測和防禦措施。而相關的安全措施整合到部件和整車之後,能否發揮有效的防護效果,需要通過嚴格的資訊保安測試進行驗證和確認。經緯恆潤資訊保安團隊針對智慧型網聯汽車提供一系列的資訊保安測試解決方...

汽車資訊領域群雄並起,路在何方

內容市場的格局近年來也正發生微妙變化,垂直領域內容,越來越成為乙個公認的風口。水漲船高,汽車資訊消費市場發展空間大 自2018年首次出現銷量負增長後,中國汽車市場從 增量時代 正式進入 存量時代 在這個特殊的歷史階段,新冠肺炎疫情突然出現,再一次衝擊了本已身處寒冬的中國汽車產業。連續兩年的下行壓力加...

邁入認知商業時代!看IBM如何為汽車資訊化精準定位

2017年中國汽車cio峰會在對百餘位汽車企業cio展開書面問卷調查後,分析出近兩年為數眾多的汽車廠商在進行企業數位化轉型過程中,都在部署物聯網 雲計算 大資料分析 移動辦公等解決方案,同時指出轉型聚焦化困難,缺少完整數位化藍圖,對如何更好的進行資料分析 物聯網服務 雲端建設 企業it架構建模等方面...